Firmware is a term used to refer to programs that internally control electronic devices. Virtually every electronic device has some type of firmware included therein. Although there is no strict boundary between where firmware ends and software begins (i.e., definitions of both terms are somewhat loose), it is generally accepted that firmware is involved with controlling the basic and/or low-level operations of an electronic device and is typically, although not exclusively, utilized in electronic devices with no mass-storage device. Without firmware, many electronic devices would not function.
Firmware has evolved to mean almost any programmable content of a hardware device. As used herein, the term “firmware” is understood to mean almost any programmable content of a hardware device and may include, but is not limited to, machine code for a microprocessor, data for application-specific integrated circuits, data for programmable logic devices, and the like. Simple firmware often times resides in Read Only Memory (ROM), while more complex firmware may be stored on flash memory to allow for updates. There may be many reasons to update just a portion of firmware or an entire instance of firmware. For instance, firmware updates may be desired or necessary if a bug is found in the firmware (e.g., a patch needs to be added to the existing firmware) or if new features are to be added to the firmware.
Updating firmware usually involves loading a binary image file provided by the vendor or manufacturer of the electronic device, according to a specific procedure, and may require a user to be present at the device being updated. The traditional firmware upgrade process typically begins by downloading a binary file using specialized equipment from the device manufacturer. After the firmware has been received with no communication errors and locally stored, an administrator can launch the actual upgrade package. As can be appreciated, there are many inefficiencies in current firmware update methods. Additionally, and especially in the case of products that are sold in which different features are only available on certain devices as well as having different costs to the owner of the device, there needs to be a mechanism to efficiently handle these scenarios. There are currently very few mechanisms in place to prohibit this type of action and those mechanisms which are available have a substantial code size footprint. In other words, the analyzer mechanism that determines whether a device is allowed to receive a particular firmware update can take up a significant amount of memory space because it has to store privilege tables and contain verification and authentication algorithms.